How does Wireshark judge whether a protocol is SMTP or TCP through the header field?

I know that SMTP is based on TCP, like HTTP, but how does Wireshark judge it as SMTP rather than TCP?

Solution

How does Wireshark judge it as SMTP rather than TCP?

It doesn't. SMTP is inside the payload of a TCP packet. So Wireshark will first dissect TCP and if it has dissectors available to parse the payload, it will also parse that, like SMTP in this case. In conclusion, your "SMTP packet" is also a TCP packet. E. g., you can filter your SMTP packets by TCP attributes like ports.

I'm trying to send TCP SYN packet in java using Pcap4j library, but I get a NullPointerException on line "ipv4Builder.build();"
Is it possible to lose a message in a WebSocket without losing the connection?
TCP/IP Programming in C
Calculating range of IPs from subnet mask
Using poll() for a TCP server in C
Custom newline chracter in python socketserver.StreamRequestHandler
Why is my own webserver slow with Chrome, fast with Firefox? "Initial connection" for every request ~300ms
Only one usage of each socket address (protocol/network address/port) is normally permitted?
Reduce TCP maximum segment size (MSS) in Linux on a socket
How to find a free TCP port
TCP socket error 10061
Php send 65 Ascii char to socket
Spring integration: Issue with Listening to TcpConnectionOpenEvent and TcpConnectionCloseEvent along with interceptors
tcp stream replay tool
TCP: How are the seq / ack numbers generated?
Linux: is there a read or recv from socket with timeout?
TCP/IP failed to establish an outgoing connection
How to know TCP connection is closed in net package?
How is an INADDR_ANY socket able to effectively handle packets from anywhere on the internet?
Find (and kill) process locking port 3000 on Mac
Why can I successfully connect to a netcat server from the adb shell and not from the Android app?
How many bytes in one round-trip for an HTTP/2 browser request over mobile networks?
stack smashing detected on function return
tcpdump does not capture all packets at high packet frequency
NGINX to reverse proxy websockets AND enable SSL (wss://)?
How to change MTU setting permanently?
What is the effect of setting a linux socket - high priority?
Async socket client using TcpClient class C#
Why Wireshark display filter does not show http packets?
TCP IP socket.receive, data received in .Net application but not in Unity